e346dacb5096920ca4953c933a94b1cbdfd1a2bb0450ef82191dccf8f71cf43e | Triage

Sharing

General

Target

e346dacb5096920ca4953c933a94b1cbdfd1a2bb0450ef82191dccf8f71cf43e
Size

299KB
Sample

221123-p32ybsfh9x
MD5

c7df8da8da673768ff7fea2ebdcd8ddf
SHA1

56cb2f20a9a1db46720fef4e102881cd741f40e9
SHA256

e346dacb5096920ca4953c933a94b1cbdfd1a2bb0450ef82191dccf8f71cf43e
SHA512

f345d0f4466bfee449ee04f9c8def9175faf89e184c2d461519998fc8692827540a04190a0c98e676d2d4797a241d12e0dd814bd8438b2af67e39cabc488bf7e
SSDEEP

6144:wmaQqrJznERQvOYQ1Dig9RvUb8X3UyH88Hit48YLwkFIelW:LapznEKmLViQvUI0yeqwkF

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e346dacb5096920ca4953c933a94b1cbdfd1a2bb0450ef82191dccf8f71cf43e
- Size
  
  299KB
- MD5
  
  c7df8da8da673768ff7fea2ebdcd8ddf
- SHA1
  
  56cb2f20a9a1db46720fef4e102881cd741f40e9
- SHA256
  
  e346dacb5096920ca4953c933a94b1cbdfd1a2bb0450ef82191dccf8f71cf43e
- SHA512
  
  f345d0f4466bfee449ee04f9c8def9175faf89e184c2d461519998fc8692827540a04190a0c98e676d2d4797a241d12e0dd814bd8438b2af67e39cabc488bf7e
- SSDEEP
  
  6144:wmaQqrJznERQvOYQ1Dig9RvUb8X3UyH88Hit48YLwkFIelW:LapznEKmLViQvUI0yeqwkF
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2